diff options
Diffstat (limited to 'import-layers/yocto-poky/meta/recipes-extended/libarchive/libarchive/libarchive-CVE-2013-0211.patch')
-rw-r--r-- | import-layers/yocto-poky/meta/recipes-extended/libarchive/libarchive/libarchive-CVE-2013-0211.patch | 39 |
1 files changed, 0 insertions, 39 deletions
diff --git a/import-layers/yocto-poky/meta/recipes-extended/libarchive/libarchive/libarchive-CVE-2013-0211.patch b/import-layers/yocto-poky/meta/recipes-extended/libarchive/libarchive/libarchive-CVE-2013-0211.patch deleted file mode 100644 index 19523f4b8..000000000 --- a/import-layers/yocto-poky/meta/recipes-extended/libarchive/libarchive/libarchive-CVE-2013-0211.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 2f55d6bd308ea61975558c2469ae349dba297e89 Mon Sep 17 00:00:00 2001 -From: Robert Yang <liezhi.yang@windriver.com> -Date: Sat, 22 Feb 2014 14:35:59 +0800 -Subject: [PATCH] Fix CVE-2013-0211 - -This patch comes from:https://github.com/libarchive/libarchive/commit/22531545514043e04633e1c015c7540b9de9dbe4 - -Upstream-Status: Backport -CVE: CVE-2013-0211 - -Signed-off-by: Baogen shang <baogen.shang@windriver.com> - -Update the patch because of uprev on 20140222 - -Signed-off-by: Robert Yang <liezhi.yang@windriver.com> ---- - libarchive/archive_write.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/libarchive/archive_write.c b/libarchive/archive_write.c -index a3d1a33..a323588 100644 ---- a/libarchive/archive_write.c -+++ b/libarchive/archive_write.c -@@ -671,8 +671,12 @@ static ssize_t - _archive_write_data(struct archive *_a, const void *buff, size_t s) - { - struct archive_write *a = (struct archive_write *)_a; -+ const size_t max_write = INT_MAX; - archive_check_magic(&a->archive, ARCHIVE_WRITE_MAGIC, - ARCHIVE_STATE_DATA, "archive_write_data"); -+ /* In particular, this catches attempts to pass negative values. */ -+ if (s > max_write) -+ s = max_write; - archive_clear_error(&a->archive); - return ((a->format_write_data)(a, buff, s)); - } --- -1.8.2.1 - |